Changing Oracle password in 11g using ALTER USER IDENTIFIED BY VALUES

In 11g the Oracle the hash password is no longer stored in DBA_USERS, it is stored in SYS.USER$ table in the column “PASSWORD” and “SPARE4”. So there are different ways password can be set depending on if “PASSWORD” and “SPARE4” are set in SYS.USER$ and what you want PASSWORD_VERSIONS to be. If only “SPARE4” is used to set the password the password version is 11g … Continue reading Changing Oracle password in 11g using ALTER USER IDENTIFIED BY VALUES

Oracle passwords in 11g

In 11g Oracle supports password to be case sensitive. But the password can be case insensitive depending on value of “PASSWORD_VERSIONS” and “sec_case_sensitive_logon”. In 11g dba_users view has a new column called “PASSWORD_VERSIONS”, it can have 3 possible values “10G”, “10G 11G”, “11G”. Below shows what they mean along with parameter “sec_case_sensitive_logon”. Scenario when the value of password_versions in DBA_USERS is “10G 11G”, when the … Continue reading Oracle passwords in 11g

ORA-28221: REPLACE not specified

When a user name has a profile that has a password verify function set and the user tries to change the password using “ALTER USER” without the REPLACE clause, and also the user doesn’t have ALTER USER privilege Oracle will generate the “ORA-28221: REPLACE not specified” error message. So the user needs to include the “REPLACE” clause. Example: ALTER USER <username> IDENTIFIED BY <new password> … Continue reading ORA-28221: REPLACE not specified